PRIVACY POLICY AND PERSONAL DATA TEXT
This Privacy Policy and Personal Data Text (Policy), has been drafted in order to clarify and inform the visitors (User) about the terms and conditions regarding the use of data obtained and/or to be obtained from visitors in any way and the ways of processing data obtained through the website operating under the domain name www.inofab.health (Website) owned by İnofab Sağlık Teknolojileri Anonim Şirketi (Company) or another domain name owned by Company.
Cookies are used by Company to collect personal data in the Website. For more detailed information on the use of cookies, please see our Website Cookie Policy.
1. General Explanations
Company adopts this Policy in respect of privacy, use and other related issues of the processed information regarding Users.
Personal data refers to any information regarding an identified or identifiable natural person. Thus, the regulations regarding the personal data contained in this text shall apply if the relevant information belongs to a natural person. If the relevant information belongs to legal persons, regulations other than those regarding personal data in this text shall apply.
Company places importance on the confidentiality of data and takes care to be transparent about data retention. This Policy is the privacy policy and clarification text that includes information about what kind of data is collected, how this data is used, if necessary with whom this data is shared, what are the rights regarding personal data and how these rights can be used, and the principles adopted by the Company regarding confidentiality.
Personal data are processed in line with the below mentioned basic principles:
- Being in accordance with law and good faith,
- Being accurate and, where necessary, up-to-date,
- Being processed for specific, explicit and legitimate purposes,
- Being connected, limited for the purpose for which they are processed and data minimization; and
- Being stored for the period stipulated in the relevant legislation or required for the purpose for which they are processed.
2. Data Controller
3. Data Categories and Data Types
| Data Categories | Data Types |
|---|---|
| Identity Information | Name, surname |
| Contact Information | Phone number, e-mail address, city |
| Customer Transaction | Interested product, message of the contacting person |
| Process Security Information | IP address, website visit data |
| Marketing | Data acquired through cookies |
Methods of Collection of Personal Data
Company obtains personal data through the Website with electronic or written means including contact forms, in line with the personal data processing conditions specified in KVKK and process them in accordance with the purposes mentioned below.
Data Processing Purposes and Legal Reasons
| Data Categories | Data Processing Purposes | Legal Reasons |
|---|---|---|
Identity Information Contact Information Customer Transaction |
|
|
Process Security Information |
|
|
| Marketing |
|
|
6. Transferring Your Personal Data
Company takes care to process your personal data in line with the principles of “need-to-know” and “need-to-use”, data minimization and by taking all necessary technical and administrative security measures. As conducting or auditing business activities, ensuring business continuity and management of digital infrastructure requires continuous data transfer to various partners, we are required to transfer personal data to third persons for specific reasons. Additionally, accuracy and up-to-dateness of your personal data is essential for the Company to fulfill its contractual and legal obligations fully and properly. For this reason, we have to work with various business partners and service providers.
Your personal data may be transferred to the below mentioned recipient groups in a manner limited to the specified reasons.
| Data Categories | Transfer Purpose and Transferred Group |
|---|---|
Identity Information Contact Information Customer Transaction |
|
| Process Security Information |
|
| Marketing |
|
7. Changes and Updates
As a data controller, Company has the right to change the policy on condition that it complies with the relevant legislation and that the personal data are better protected.
This Policy can be rearranged and updated as new features are added to the Website or new suggestions are received. However, in this case, we shall notify you by publishing the changes on the Website. We may notify such changes, in some important cases, by e-mail or by any other conspicuous method reasonably designed to notify you, with additional notices as appropriate. Upon being notified about these changes, if you continue to access the Website after the notification period, you shall be deemed to have allowed the changes in the Policy. Therefore, we recommend that you re-examine the Policy every time you gain access to the Website. This document was last updated on 01.06.2021. If the Policy provisions change, they become effective on the date of publication.
8. Your Rights as a Data Subject
In accordance with the personal data protection legislation, you have the following rights:
- to learn whether personal data is processed or not,
- to request information on whether your personal data has been processed,
- to learn the purpose of the processing of your personal data and whether this information is used within the intended purposes,
- to know the third parties to whom your personal data is transferred in domestic or abroad,
- to request the rectification of the incomplete or inaccurate data, if any,
- to request the erasure or destruction of the personal data under the conditions stipulated in KVKK,
- to request notifying third parties to whom the personal data has been transferred, of the rectification, erasure or destruction of your incomplete or inaccurate data,
- to object to the processing, exclusively by automatic systems, of your personal data, which leads to an unfavorable consequence for the person
- to request compensation for the damage arising from the unlawful processing of your personal data.
As data subjects, in order to submit your requests regarding your rights and to exercise your rights on your personal data; you can carry out the necessary changes, updates and/or deletions and related requests by sending such requests in a way to meet the minimum application requirements in the Communiqué on Application Procedures and Principles to the Data Controller; by filling out the Data Subject Access Request Form, which you can access on the website of our Company, and using the methods in this form, by writing to the address “İnofab Sağlık Teknolojileri A.Ş., Üniversiteler Mahallesi, İhsan Doğrmacı Bulvarı, 17/115, ODTÜ Teknokent, Silikon Blok, 06800 Çankaya, Ankara, Turkey” physically in writing, by signing with the secure electronic signature or mobile signature assigned to you, through your Registered E-Mail address to the registered e-mail address of our Company or by sending e-mail to our [email protected] address using your e-mail address previously notified to us and registered in our systems.
In the application that you will make as the data subject in order to exercise your rights stated above; your request must be clear and understandable, your request must be related to your person, or if you are acting on behalf of someone else, you must be specially authorized and document your authorization, and the application must meet the minimum application requirements stated in the Communiqué on Application Procedures and Principles to the Data Controller.
If you submit your requests to us using the methods specified, the Company will finalize the request as soon as possible and free of charge within thirty days at the latest, depending on the nature of your request. However, if the transaction requires an additional cost, the fee in the tariff determined by the Personal Data Protection Board will be charged by the Company.
Date of Update: 01.06.2021
